Back to Feed
VulnerabilitiesJul 14, 2026

Microsoft releases Windows 10 KB5099539 extended security update

Microsoft releases Windows 10 KB5099539 with 570 vulnerabilities patched.

Summary

Microsoft has issued the Windows 10 KB5099539 extended security update, addressing a record 570 vulnerabilities from its July 2026 Patch Tuesday. This update includes fixes for two exploited and one publicly disclosed zero-day flaws. The free Extended Security Updates (ESU) program for consumers has also been extended by an additional year, now supporting enrolled devices until October 12, 2027.

Full text

Microsoft releases Windows 10 KB5099539 extended security update By Lawrence Abrams July 14, 2026 02:49 PM 0 Microsoft has released the Windows 10 KB5099539 extended security update, which includes the July 2026 Patch Tuesday security updates for 570 vulnerabilities, along with additional security fixes. Initially, Microsoft only offered consumers one year of extended security updates. However, last month, Microsoft quietly extended its free Windows 10 Extended Security Updates (ESU) program for consumers by an additional year, allowing enrolled devices to receives security updates until October 12, 2027. If you are running Windows 10 Enterprise LTSC or are enrolled in the ESU program, you can install this update like normal by going into Settings, clicking on Windows Update, and manually performing a 'Check for Updates.' Windows 10 KB5099539 updateSource: BleepingComputer After installing this update, Windows 10 will be updated to build 19045.7548, and Windows 10 Enterprise LTSC 2021 will be updated to build 19044.7548. What's new in Windows 10 KB5099539 Microsoft is no longer releasing new features for Windows 10, and the KB5099539 update primarily contains security updates and bug fixes. The update also includes fixes released as part of today's record-breaking July 2026 Patch Tuesday, which fixed a record-breaking 570 vulnerabilities, including two exploited and one publicly disclosed zero-day flaws. The complete list of fixes in KB5099539 is listed below: [OLE Automation (known issue)] Fixed: Addresses a compatibility issue in OLE Automation (oleaut32.dll) that was introduced by the June 2026 security update. Some applications that use the IDispatch::Invoke method to call COM methods with BYREF parameters that share the same underlying storage might fail. These failures can include parameter marshaling errors or automation call failures. This update corrects how parameter ownership is managed and restores expected application behavior. [File Explorer (known issue)] Fixed: An issue where the OneDrive shortcut in File Explorer stops working when File Explorer is run with administrative mode. [Recycle Bin (known issue)] Fixed: This update addresses an issue where the confirmation dialog might display an internal Recycle Bin file name instead of the original file name when permanently deleting a file. [Input] This update changes hotkey unregister and cleanup behavior. In rare cases, some built-in Windows experiences that rely on previous hotkey lifecycle behavior might temporarily stop responding to certain keyboard shortcuts. This issue can typically be resolved by restarting the app affected. If the issue is not resolved, report it through the Feedback Hub. [Secure Boot] This update enables dynamic status reporting for Secure Boot states in Windows Security App. This update includes additional high confidence device targeting data, increasing coverage of devices eligible to automatically receive new Secure Boot certificates. Certificate deployment via Windows updates continues across supported PCs and non-managed business devices in the coming months. [Networking] This update introduces a security hardening change that enforces TDI transport registration requirements. As a result, applications that use sockets over unregistered third-party TDI transports might stop working after installing this update. Registered TDI transports are not affected. For more information, see Third-party TDI transports might stop working after installing Windows security updates released on or after July 14, 2026. [Remote Desktop (RDP) Security] Support for SHA-2 certificate thumbprints has been added for trusted RDP publishers, with SHA-1 support retained only for backward compatibility and planned for future removal. New guidance is available for managing RDP file security through Group Policy to help organizations reduce phishing risks by controlling which .rdp files users can open. We recommend IT administrators migrate to SHA-256 thumbprints or a stronger algorithm as soon as possible to avoid disruption. Microsoft also warns that an intentional security hardening change that enforces TDI transport registration requirements may impact legacy applications that rely on unregistered third-party TDI transports. Windows users can determine whether they are affected by checking the Windows System event log in Event Viewer for AFD Event ID 16003 entries. "To determine if you have a TDI transport that is affected by this change, check the Windows System event logs in Event Viewer > Windows > System," Microsoft explains. "If you find an AFD Event ID: 16003 'An unregistered TDI provider (\Driver<Name>) was detected', then your TDI transport is affected by this change." Otherwise, Microsoft says there are no known issues with this update. Test every layer before attackers do Security teams log 54% of successful attacks and alert on just 14%. The rest move through your environment unseen.The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection. Get the whitepaper Related Articles: Microsoft quietly extends free Windows 10 ESU support to October 2027Microsoft releases Windows 10 KB5094127 extended security updateMicrosoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-daysMicrosoft June 2026 Patch Tuesday fixes 6 zero-days, 200 flawsWindows 11 KB5101650 & KB5099414 cumulative updates released

Entities

Windows 10 (product)Microsoft (vendor)